## DEV Community

JigNect Technologies

Posted on

# Protecting Your App: An Easy-to-Follow UI Testing Checklist and Data Type Attacks Overview

User Interface (UI) testing is like a safety check for your app. Just like cars need regular checks to stay safe on the road, apps need UI testing to make sure they’re safe for users. But UI testing is not just about looks; it’s also about keeping your app strong and secure. In this blog post, we’ll explore why a UI testing checklist is important and what you need to know about data type attacks, including User Interface testing considerations.

## How UI Testing Helps with Data Type Attacks 📝

Even though UI testing mostly looks at the outside of your app, it can still help protect against data type attacks in these ways.

## 1️⃣ Numbers:

• Minimum Allowable Value: Check that input fields accept the minimum allowable numeric value.

• Minimum Allowable Value – 1: Ensure that input fields reject entries with one less than the minimum allowable value.

• Maximum Allowable Value: Verify that input fields accept the maximum allowable numeric value.

• Minimum Allowable Value + 1: Validate that input fields accept entries with one more than the minimum allowable value.

• Zero: Test how the UI handles entries with the value 0.

• Negative Numbers: Confirm that negative numbers are accepted and handled correctly (e.g., -1).

• 15 Bits Values:
32768 (2^15) 32769
(2^15 + 1)

• 16 Bits Values:
65536 (2^16)
65537 (2^16 + 1)

• 31 Bits Values:
147483648 (2^31)
2147483649 (2^31 + 1)

• 32 Bits Values:
4294967296 (232)
4294967297 (232 + 1)

• Scientific Notation (1E-16): Check the numbers that are too large or too small to be conveniently written in decimal form.

• Negative: A real quantity having a value less than zero ( < 0 ) is said to be negative.

• Floating Point/Decimal Numbers: Verify the UI’s response to decimal numbers (e.g., 0.0001).

• Numbers with Commas: Check how the UI handles numbers formatted with commas (e.g., 1,234,567).

• European-Style Numbers: Test input fields for numbers with European-style formatting (e.g., 1.234.567,89).

## 2️⃣ Strings:

• Minimum Allowable Length: Verify that input fields with a minimum character limit accept the correct minimum number of characters.
• Minimum Allowable Length – 1: Ensure input fields reject entries with one character less than the minimum requirement.
• Maximum Allowable Length: Confirm that input fields with a maximum character limit accept the correct maximum number of characters.
• Minimum Allowable Length + 1: Validate that input fields accept entries with one character more than the minimum requirement.
• Long Strings: Test input fields with various string lengths, including 255, 256, 257, 1000, 1024, 2000, 2048, or more characters.
• Accented Characters: Check how the UI handles special characters like “àáâãäåçèéêëìíîðñòôõöö.”
• Asian Chars ( ): Check application should support Asian characters.
• Common Delimiters and Special Characters: Verify the UI’s response to characters like ” ‘ \ | / \ , ; : & < > ^ * ? Tab.`
• Leave Blank: Confirm that mandatory fields correctly flag blank entries.
• Single Space: Test fields that should not accept entries with only one space
• .
• Multiple Spaces: Check how the UI handles entries with multiple spaces.
• Leading Spaces: Verify that fields do not accept entries with leading spaces.
• End-of-Line Characters (^M): Ensure that the application accepts strings containing end-of-line characters without crashing or corrupting data.
• SQL Injection: Attempt SQL injection by entering potentially harmful SQL statements like ‘select * from a customer.
• HTML/Java Injection: Test for HTML/JavaScript injection by entering code snippets like,
• Size 10
• GB18030: GB18030 is a character encoding standard used for encoding Chinese characters, as well as characters from other languages that use Chinese characters in their writing systems like,
1. Meng: ᡒᡓᡔᡕᡖᡗᡘᡙᡚᡛ
2. Wei: ږڗژڙښڛڜڝڞڟ
3. Yi: ꁿꂀꂁꂂꂃꂄꂅꂆꂇꂈ
4. Zang: ꄟꄠꄡꄢꄣꄤꄥꄦꄧꄨ

With All Actions (Entering, Searching, Updating, etc.):

1.Entering Data: Test the UI components where users enter text (e.g., input fields, text areas). Check for the following:

• Input validation: Ensure the application responds appropriately to valid and invalid input.
• Input length limits: Confirm that the application enforces character limits.

2. Searching: If your application involves search functionality, pay attention to:

• Search queries: Test with various search queries, including special characters and Asian characters.
• Search results: Verify that the search results display strings accurately, and the highlighting of search terms works correctly.

3.Updating Data:

• When users can edit or update text, ensure that:
• Edits are saved correctly.
• Validation and character limits are enforced during updates.
• History or versioning systems capture changes accurately.

## 3️⃣ Time and Date:

• Different Formats: Test date and time input fields for various formats (e.g., June 5, 2001; 06/05/2001; 06/05/01; 06-05-01; 6/5/2001 12:34).
1. When conducting browser testing, make sure to switch to the appropriate language pack.
2. Ensure that the display format remains consistent across all screens during verification.
• Time Difference Between Machines: Check how the UI handles time differences between machines and ensures consistency.
• Crossing Time Zones: Verify the UI’s behavior when dealing with date and time entries that cross different time zones.
• Leap Days: Test how the UI handles leap days (e.g., February 29) in both leap and non-leap years.
• Invalid Dates: Enter dates that don’t exist, such as February 30 or September 31, and observe how the UI responds.
• February 29 in Non-Leap Years: Check the UI’s behavior when entering February 29 in a non-leap year.
• Daylight Savings Changeover: Test how the UI handles the transition between daylight saving time and standard time.
• Timeouts: Test an application that waits for a predefined amount of time.
• Reset Clock Backward or Forward: Check how an application responds when a user or a process intentionally changes the system clock to an earlier (backward) or later (forward) date and time.

## 4️⃣ Paths/Files:

🔶 Opening/Editing Existing Files:

• Long File Names/Paths: Ensure the UI can handle file names or paths longer than 255 characters.
• Special Characters in File Names/Paths: Test how the UI responds to special characters such as * ? / \ | < > , . ( ) [ ] { } ; : ‘ “ ! @ # \$ % ^ &.
• File Does Not Exist: Confirm that the UI handles attempts to open or edit non-existing files gracefully.
• Write-Protected Files: Test how the UI deals with files that are write-protected.
• Locked Files: Check the UI’s response when trying to open files locked by another process.
• Corrupted Files: Verify the UI’s behavior when attempting to open or edit corrupted files.
• Non-Local Locations: Test file handling when files are stored in non-local locations such as HTTP, FTP, OneDrive, GoogleDocs, Azure, etc.
• Files from Different Operating Systems: Check how the UI handles files created on one operating system when used on another (e.g.Mac files on Windows).
• Minimal Space: Test how the UI behaves when there’s minimal disk space available. Ensure it gracefully handles scenarios where storage is almost full.
• Unavailable: Confirm that the UI responds appropriately when attempting to access or open files that are unavailable. This includes files that have been moved, deleted, or are otherwise inaccessible.
• On Remote Machine: Evaluate how the UI handles files located on remote machines or network drives. Ensure it can access and interact with these files seamlessly.

🔶 Creating New Files:

• Long File Names/Paths: Confirm that the UI can create files with names or paths longer than 255 characters.
• Special Characters in File Names/Paths: Test how the UI handles special characters when creating new files.
• File Already Exists: Verify that the UI responds appropriately when trying to create a file with a name that already exists.
• No Disk Space Left: Test what happens when there is no available disk space to create a new file .

## 5️⃣ Browser Preferences:

• JavaScript Off: Evaluate how the UI functions with JavaScript disabled in browser settings, ensuring graceful degradation.
• Cookies Off: Confirm that the UI behaves correctly with cookies disabled, considering privacy-conscious users.
• Resize Browser Window: Check how the UI responds to window resizing and ensure it adapts appropriately to different screen sizes.
• Change Font-size Preferences: Verify that the UI maintains layout and readability when users adjust their browser’s font size settings.
• Change Language Pack: Confirm that the UI supports different language packs and displays content correctly when language settings are changed.
• Change Browser Zoom Settings: Test how the UI responds to changes in browser zoom settings (e.g., 125%, 150%).

## 6️⃣ Website Navigation:

• Back Button: Use the back button and watch for ‘Expired’ messages and double-posted transactions. Ensure smooth navigation within your web application.
• Refresh: Verify that refreshing the page doesn’t result in unintended side effects or errors.
• Bookmark the URL: Test bookmarking URLs while logged out and selecting the bookmark afterward.
• Change the URL: Attempt to manipulate the URL (e.g., changing or removing parameters) to access unauthorized information.
• Multiple Browser Instances: Test how the UI behaves when multiple browser instances are open simultaneously, mimicking real-world user scenarios.
• Different browsers: Test and ensure that a website or web application functions correctly and looks consistent across various web browsers and devices such as Chrome, Firefox, Mobile, etc.

## 7️⃣ Look and Feel:

• Consistency in Fonts/Sizes/Colors: Ensure that fonts, font sizes, colors, and casing are consistent across all similar screens and UI elements.
• Consistency in Icons/Verbiage: Verify that icons and verbiage used for similar functionality (e.g., Add, Delete, Search) are consistent throughout the UI.
• Different Monitor Resolutions: Test the UI on various monitor resolutions to ensure it looks and functions well on different screen sizes.
• High Contrast Mode: Check how the UI appears when the operating system is set to High Contrast mode, ensuring accessibility for all users.
• Tab Order: Confirm that the tab order follows a logical sequence for keyboard navigation, enhancing accessibility.

## 8️⃣ Domain-Specific Rules:

• Invalid IP Address: Test for invalid IP address formats (e.g., 999.999.999.999, 1.1.1).
• Invalid Email Address: Validate the UI’s response to invalid email addresses (e.g., no “@”, no “.”, spaces, etc.).
• Invalid Age: Check how the UI handles age values that are outside valid ranges (e.g., -1, 1000).

## 9️⃣ Other Cases:

• Required Fields: Verify that fields marked as required are indeed enforced as such to prevent incomplete data submissions.
• Field Widths: Confirm that field widths are appropriate for the type of data they are meant to accommodate (e.g., LastName should be longer than FirstName).
• Tooltips: Ensure that tooltips are displayed correctly and provide helpful information when hovering over UI elements, enhancing user guidance.
• Combo Boxes/Dropdowns: Test that the options within combo boxes or dropdowns make sense and are correctly populated, preventing user confusion.
• Appropriate Error Messages: Confirm that the UI displays clear and relevant error messages when users input incorrect or invalid values, aiding user understanding.
• Violates Domain-Specific Rules: Test for inputs that violate domain-specific rules, such as:
• An IP address of 999.999.999.999 (an invalid format).
• An email address with no “@” symbol (a basic requirement).
• An age of -1 (an age cannot be negative).

• Violates Uniqueness Constraint: Verify how the UI responds when users attempt to input data that violates uniqueness constraints, such as trying to create a user account with an email address that’s already registered.

## Conclusion

User Interface (UI) testing is like a safety check for your app, ensuring it is secure, robust, and user-friendly. It’s not just about aesthetics; UI testing is crucial for maintaining the integrity and security of your application. A comprehensive UI testing checklist is essential for identifying potential issues, particularly in safeguarding against data type attacks. By thoroughly testing various input scenarios for numbers, strings, dates, times, files, and browser preferences, you can ensure your app handles data correctly and securely.

In addition to enhancing user experience, meticulous UI testing helps prevent vulnerabilities that could be exploited through improper input handling. Remember, a well-tested UI not only looks good but also performs reliably and securely under different conditions and edge cases.

Embrace the meticulous approach to UI testing and witness how it elevates the quality and performance of your application. Begin your journey into the world of software testing excellence, and refer to tools, technologies, and QA services for more insights.

Witness how our meticulous approach and cutting-edge solutions elevated quality and performance to new heights. Begin your journey into the world of software testing excellence. To know more refer to Tools & Technologies & QA Services

Happy Automation Testing 🙂